About
Announcements
Contribute information
low
S3 Crypto SDK vulnerabilities
Published Mon, Aug 10th, 2020
Platforms
Summary
Affected Services
S3
Remediation
Update SDK
Tracked CVEs
CVE-2020-8912, CVE-2020-8911
References
https://twitter.com/SchmiegSophie/status/1292930639772004352
https://github.com/google/security-research/security/advisories/GHSA-76wf-9vgp-pj7w
https://github.com/google/security-research/security/advisories/GHSA-f5pg-7wfw-84q9
https://github.com/google/security-research/security/advisories/GHSA-7f33-f4f5-xwgw
https://aws.amazon.com/blogs/developer/updates-to-the-amazon-s3-encryption-client/
Contributed by
https://github.com/0xdabbad00
Entry Status
Finalized
Disclosure Date
Wed, Jul 1st, 2020
Exploitablity Period
-
Known ITW Exploitation
-
Detection Methods
-
Piercing Index Rating
-
Discovered by
Sophie Schmieg, Google
More vulnerabilities...
low
S3 Crypto SDK vulnerabilities
Sophie Schmieg, Google
Mon, Aug 10th, 2020
low
S3 Crypto SDK vulnerabilities
Sophie Schmieg, Google
Mon, Aug 10th, 2020
low
S3 Crypto SDK vulnerabilities
Sophie Schmieg, Google
Mon, Aug 10th, 2020
View all